May 13, 2017

What is Ransomware? How do I unlock, protect myself: Global Cyber Security Attack

Know little about ransomware? What is it? How do I protect myself from it? How does it even get installed on my computer or personal laptop? Will I ever be able to recover my data? Is it true that if I pay the ransom, they will unlock my files? But my files are already compromised, aren't they? Why are they requesting Bitcoin? Why not any other payment service? HOLD on! This is your pit stop. Here is everything you need to know about the ransomware attack and what the WannaCry software does to your system!

We also happen to have established a key to unlock your files temporarily! Read on to know more.

What Happened?! Ransomware

Hackers exploiting malicious software stolen from the National Security Agency (NSA) executed damaging cyber attacks on Friday (12th May 2017) that hit dozens of countries worldwide, forcing Britain’s public health system to send patients away, freezing computers at Russia’s Interior Ministry and wreaking havoc on tens of thousands of computers elsewhere. By late Friday the attacks had spread to more than 100 countries, according to security firms tracking the spread. Kaspersky Lab, a Russian cyber security firm, said Russia was the worst-hit, followed by Ukraine, India and Taiwan. Reports of attacks also came from Latin America and Africa.

The attacks amounted to an audacious global blackmail attempt spread by the internet and underscored the vulnerabilities of the digital age. Transmitted via email, the malicious software locked British hospitals out of their computer systems and demanded ransom before users could be let back in — with a threat that data would be destroyed if the demands were not met. Workers at those hospitals, a Spanish telecommunications firm and elsewhere were confronted with a message on their monitors that read, “Ooops, your files have been encrypted!” and demanded $300 in Bitcoin, an anonymous digital currency preferred by criminals, to restore access.

Has anyone paid the ransom?

Security experts said those who had already fallen victim to ransomware on Friday may have little recourse. Jason Rebholz, a senior director at Crypsis Group, which specializes in ransomware, said victims could try to search the web for a decryption service, but chances are that in a sophisticated attack like this one, cyber-criminals had already taken steps to immunize their encryption from such services.

How big is the attack?

There were reports of infections in 78 countries at first, but it's spreading quickly, like an epidemic. So far the latest count is 110 countries, including the UK, US, China, Russia, Spain, Italy, India, Pakistan and South Africa. Cyber-security firm Avast said it had seen 75,000 cases of the ransomware - known as WannaCry and variants of that name - around the world. "This is huge," said Jakub Kroustek at Avast.

Many researchers say the incidents appear to be linked, but say it may not be a coordinated attack on specific targets. Meanwhile wallets for the digital cryptocurrency Bitcoin that were seemingly associated with the ransomware were reported to have started filling up with cash.

How does the malware work?

Some security researchers have pointed out that the infections seem to be deployed via a worm - a program that spreads by itself between computers. This may be through an email attachment, or through your internet connection when it is part of a public network or of an organisation you belong to.

Unlike many other malicious programs, this one has the ability to move around a network by itself. Most others rely on humans to spread by tricking them into clicking on an attachment harbouring the attack code. I have to agree that it is one awesome piece of attack. Although it did harm the peace, it was an intelligent move.

By contrast, once WannaCry is inside an organisation it will hunt down vulnerable machines and infect them too. This perhaps explains why its impact is so public - because large numbers of machines at each victim organisation are being compromised.

Who has been affected?

The National Health Service (NHS) in England and Scotland appears to have been the worst hit and screenshots of the WannaCry program were shared by NHS staff. Hospitals and doctors' surgeries were forced to turn away patients and cancel appointments. One NHS worker told the BBC that patients would "almost certainly suffer" as a result. Some reports said Russia had seen more infections than any other single country. Russia's interior ministry said it had "localized the virus" following an "attack on personal computers using Windows operating system".

People tweeted photos of affected computers including a local railway ticket machine in Germany and a university computer lab in Italy. A number of Spanish firms - including telecoms giant Telefonica, power firm Iberdrola and utility provider Gas Natural - suffered from the outbreak. There were reports that staff at the firms were told to turn off their computers.
Portugal Telecom, delivery company FedEx, a Swedish local authority and Megafon, the second largest mobile phone network in Russia, also said they had been affected.

Temporary Cyber Hero: Just $10 SAVED THE WORLD?!

A UK-based cybersecurity researcher, tweeting as @MalwareTechBlog, said he had accidentally managed to temporarily halt the spread of the virus. He was quoted as saying that he noticed that the virus was searching for a web address that had not been registered. He bought the domain name for around $10 and found that by registering it, he triggered a "kill switch" that stopped the worm's spread. But, he warned it was likely to be only a temporary fix. "So long as the domain isn't removed, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again," he tweeted.

Now you might be interested in a little tech: how did he find out the web address that the virus had been searching for? Everything is transparent in the virtual world. Head over to the URL bar and try to access any website. As you can see at the bottom left, it shows the path that is being reached or connected to. If nothing helps, then we have Inspect Element, right, developers? ;)
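Because this strain looks up the kill-switch address, those lookups in DNS logs point a defender to machines that are running it. The sketch below is an added example, not code from the original post; the domain is a placeholder (the page does not name it), and the four-field log layout and sample lines are constructed.

```python
# Added example: find clients that looked up the kill-switch domain in DNS logs.
# ASSUMPTION: the page does not give the domain, so this is a placeholder;
# substitute the indicator published by your threat-intel source.
KILL_SWITCH_DOMAIN = "killswitch-placeholder.example"

# Constructed sample log in an assumed "time client query rcode" layout.
SAMPLE_LOG = """\
2017-05-12T14:01:07Z 10.0.4.21 www.example.org NOERROR
2017-05-12T14:01:09Z 10.0.4.37 killswitch-placeholder.example NXDOMAIN
2017-05-12T14:01:15Z 10.0.4.37 KILLSWITCH-PLACEHOLDER.EXAMPLE. NXDOMAIN
2017-05-12T16:40:02Z 10.0.7.5 killswitch-placeholder.example NOERROR
2017-05-12T16:40:09Z 10.0.4.21 updates.example.net NOERROR
truncated line
"""


def find_kill_switch_lookups(log_text, domain=KILL_SWITCH_DOMAIN):
    """Map each client that queried the domain to its first-seen time and counts."""
    target = domain.lower().rstrip(".")
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed or truncated lines
        ts, client, qname, rcode = parts
        if qname.lower().rstrip(".") != target:
            continue  # DNS names are case-insensitive; ignore the trailing dot
        entry = hits.setdefault(client, {"first_seen": ts, "count": 0, "failed": 0})
        entry["count"] += 1
        if rcode.upper() != "NOERROR":
            entry["failed"] += 1  # lookup did not resolve, kill switch not reached
    return hits


def triage(hits):
    """Order hosts for response: failed lookups first, since the worm kept running."""
    ranked = []
    for client, info in hits.items():
        action = "isolate-first" if info["failed"] else "investigate"
        ranked.append((client, action, info["first_seen"]))
    # Sort on a flag so "isolate-first" hosts lead, then by first-seen time.
    return sorted(ranked, key=lambda r: (r[1] != "isolate-first", r[2]))


if __name__ == "__main__":
    for client, action, first_seen in triage(find_kill_switch_lookups(SAMPLE_LOG)):
        print(f"{first_seen} {client} {action}")
```

Every client in the result queried the address and needs a look; the ones whose lookup failed never reached the kill switch, so they go to the top of the isolation list.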

Why Bitcoin?

Duh! Are you dumb enough to live in this world and ask about that?! Oops, that was harsh, but hey! Yo! The Bitcoin rate has boosted to 100 times its price. Bitcoin is basically virtual money. You receive/send it via a hash which looks like gibberish, "iushdiuasuhdia7aw7d782", but it actually is a code that cannot be decoded no matter what. Later this bitcoin can be cashed in ;)

You won't be able to track the person or the money once it is gone. The only thing you can check is the amount that has been sent.

Once your money is gone off bitcoin, it's gone forever. There are no chargebacks or refunds.

Who is behind the attack?

Some experts say the attack may have been built to exploit a weakness in Microsoft systems that was identified by the NSA and given the name EternalBlue. The NSA tools were then stolen by a group of hackers known as The Shadow Brokers, who then attempted to sell the encrypted cache in an online auction.

However, they subsequently made the tools freely available, releasing a password for the encryption on 8 April. The hackers said they had published the password as a "protest" about US President Donald Trump.

At the time, some cyber-security experts said some of the malware was real, but old. A patch for the vulnerability was released by Microsoft in March, but many systems may not have had the update installed.

Microsoft said on Friday its engineers had added detection and protection against the malware. The company was providing assistance to customers, it added.

We are a cyber security certified v8. We happen to have a solution key that would work on up to 18000 computers/laptops. If you happen to have been infected by this, then sign up for the newsletter now! We will inbox you the code, as we don't want hackers to fix those keys.
